Category Archives for "Network World Security"

ICANN sets plan to reinforce internet DNS security

In a few months, the internet will be a more secure place. That’s because the Internet Corporation for Assigned Names and Numbers (ICANN) has voted to go ahead with the first-ever changing of the cryptographic key that helps protect the internet’s address book – the Domain Name System (DNS). [ Now see: The hidden cause of slow internet and how to fix it. ] The ICANN Board at its meeting in Belgium this week, decided to proceed with its plans to change or "roll" the key for the DNS root on Oct. 11, 2018. It will mark the first time the key has been changed since it was first put in place in 2010.To read this article in full, please click here

IDG Contributor Network: Visibility is key for devops and the hybrid cloud

Cloud has undoubtedly become a key component of successful business in recent years, especially when you consider the race to digitally transform. Across the globe, companies are moving their applications and services to the cloud and are consequently reaping the benefits of lower capex and opex as a result.However, with this process, cloud migration is only a beginning for any organization’s digital transformation (DX) journey. If harnessed correctly, cloud is a pillar of innovation for DX, and can be a driving force for new business models and use cases that – even a few years ago – weren’t possible. No one knows this better than devops teams; these teams hold the line when it comes to continuous delivery and deployment, and it therefore stands to reason that devops play a crucial role in the digital transformation journey. In practice however, the decision makers in charge of cloud strategies are rarely those in the bowels of the ship.To read this article in full, please click here

What to expect when the internet gets a big security upgrade

Ready or not, the upgrade to an important internet security operation may soon be launched. Then again, it might not.The Internet Corporation for Assigned Names and Numbers (ICANN) will meet the week of Sept. 17 and will likely decide whether or not to give the go ahead on its multi-year project to upgrade the top pair of cryptographic keys used in the Domain Name System Security Extensions (DNSSEC) protocol — commonly known as the root zone key signing key (KSK) — which secures the Internet's foundational servers.[ RELATED: Firewall face-off for the enterprise ] Changing these keys and making them stronger is an essential security step, in much the same way that regularly changing passwords is considered a practical habit by any Internet user, ICANN says. The update will help prevent certain nefarious activities such as attackers taking control of a session and directing users to a site that for example might steal their personal information.To read this article in full, please click here

VMware sharpens security focus with vSphere Platinum, ‘adaptive micro-segmentation’

VMware is expanding its security range with a new version of its virtualization software that has security integrated into the hypervisor.“Our flagship VMware vSphere product now has AppDefense built right in,” VMware CEO Pat Gelsinger told the audience at VMworld 2018, which kicked off this week in Las Vegas. “Platinum will enable virtualization teams – you – to give an enormous contribution to the security profile of your enterprise.”[See our review of VMware’s vSAN 6.6 and check out IDC’s top 10 data center predictions. Get regularly scheduled insights by signing up for Network World newsletters] Announced one year ago, AppDefense is VMware’s data-center endpoint-security product, designed to protect applications running in virtualized environments. AppDefense uses machine learning and behavioral analytics to understand how an application is supposed to behave, and it detects threats by monitoring for changes to the application’s intended state.To read this article in full, please click here

IDG Contributor Network: Security serves as an essential component to growing an enterprise with SD-WAN

As enterprises endeavor to expand domestic and global footprints, agile network infrastructure connectivity across geographies continues to prove an ongoing challenge. In particular, ensuring that data shared over these networks is protected from unauthorized access is a primary directive in today’s evolving cyber threat landscape. These often-contradictory demands call for IT decision makers to invest in innovation that will facilitate network flexibility and agility without compromising security, productivity or performance.This challenge begs a simple question. How can a WAN deliver the flexibility and agility necessary to help an organization grow without increasing exposure to data breaches and other security problems? After all, if the cost of convenience is increased network vulnerabilities, can it be considered a sound approach?To read this article in full, please click here

What is Nmap? Why you need this network mapper

Network administrators, IT managers and security professionals face a never-ending battle, constantly checking on what exactly is running on their networks and the vulnerabilities that lurk within. While there is a wealth of monitoring utilities available for network mapping and security auditing, nothing beats Nmap's combination of versatility and usability, making it the widely acknowledged de facto standard.What is Nmap? Nmap, short for Network Mapper, is a free, open-source tool for vulnerability scanning and network discovery. Network administrators use Nmap to identify what devices are running on their systems, discovering hosts that are available and the services they offer, finding open ports and detecting security risks.To read this article in full, please click here

How to protect your infrastructure from DNS cache poisoning

Domain Name System (DNS) is our root of trust and is one of the most critical components of the internet. It is a mission-critical service because if it goes down, a business’s web presence goes down.DNS is a virtual database of names and numbers. It serves as the backbone for other services critical to organizations. This includes email, internet site access, voice over internet protocol (VoIP), and the management of files.You hope that when you type a domain name that you are really going where you are supposed to go. DNS vulnerabilities do not get much attention until an actual attack occurs and makes the news. For example, in April 2018, public DNS servers that managed the domain for Myetherwallet were hijacked and customers were redirected to a phishing site. Many users reported losing funds out of their account, and this brought a lot of public attention to DNS vulnerabilities.To read this article in full, please click here

How the L1 Terminal Fault vulnerability affects Linux systems

Announced just yesterday in security advisories from Intel, Microsoft and Red Hat, a newly discovered vulnerability affecting Intel processors (and, thus, Linux) called L1TF or “L1 Terminal Fault” is grabbing the attention of Linux users and admins. Exactly what is this vulnerability and who should be worrying about it?L1TF, L1 Terminal Fault, and Foreshadow The processor vulnerability goes by L1TF, L1 Terminal Fault, and Foreshadow. Researchers who discovered the problem back in January and reported it to Intel called it "Foreshadow". It is similar to vulnerabilities discovered in the past (such as Spectre).This vulnerability is Intel-specific. Other processors are not affected. And like some other vulnerabilities, it exists because of design choices that were implemented to optimize kernel processing speed but exposed data in ways that allowed access by other processes.To read this article in full, please click here

The rise of next-generation network packet brokers

Network packet brokers (NPB) have played a key role in helping organizations manage their management and security tools. The tool space has exploded, and there is literally a tool for almost everything. Cybersecurity, probes, network performance management, forensics, application performance, and other tools have become highly specialized, causing companies to experience something called “tool sprawl” where connecting a large number of tools into the infrastructure creates a big complex mesh of connections.Ideally, every tool would receive information from every network device, enabling it to have a complete view of what’s happening, who is accessing what, where they are coming in from, and when events occurred.To read this article in full, please click here

Chip maker TSMC will lose millions for not patching its computers

Taiwanese chip-making giant Taiwan Semiconductor Manufacturing Co. (TSMC), whose customers include Apple, Nvidia, AMD, Qualcomm, and Broadcom, was hit with a WannaCry infection last weekend that knocked out production for a few days and will cost the firm millions of dollars.Most chip companies are fabless, meaning they don’t make their own chips. It’s a massively expensive process, as Intel has learned. Most, like the aforementioned firms, simply design the chips and farm out the manufacturing process, and TSMC is by far the biggest player in that field.CEO C.C. Wei told Bloomberg that TSMC wasn’t targeted by a hacker; it was an infected production tool provided by an unidentified vendor that was brought into the company. The company is overhauling its procedures after encountering a virus more complex than initially thought, he said.To read this article in full, please click here

Cisco pays cool $2.3 billion for hot security company Duo

Cisco today laid out $2.35 billion in cash and stock for network- identity, authentication and security company Duo.According to Cisco, Duo helps protect organizations against cyber breaches through the company’s cloud-based software that verifies the identity of users and the health of their devices before granting access to applications with the idea of preventing breaches and account takeover.[ Learn who's developing quantum computers.] A few particulars of the deal include:To read this article in full, please click here

1 2 3 284